Compagnies des Alpes // 2019 Universal Registration Document

2 RISK FACTORS

Internal control procedures

l hedging the interest rate risk through the use of derivatives; l managing the Group’s cash position by centralising the management of entities’ cash surpluses and cash requirements within a cash pool for entities that have agreed to the principle of centralised management; l monitoring relationships with banks. The IT Department is responsible for implementing an IT system that meets the requirements laid down in the areas of reliability, availability, information traceability, data consistency and security. It develops and maintains business applications common to several entities and ensures that the interfaces for feeding information into the various applications work properly. It is in charge of the system and data security policy and is involved in de fi ning security and back-up plans. Each of the departments is involved, as part of its duties, in the internal control system, as it is required to draw up and distribute rules and procedures relating to its area of responsibility to Group entities. Process oversight Accounting and fi nancial information is subjected to a validation process involving the Executive Management, Statutory Auditors, and the Board of Directors through its Audit and Finance Committee. 2.8.4 OVERSIGHT Internal Audit The Internal Audit function is part of the Legal A ff airs, Audit and Internal Control Department. Every year, the audit plan is approved by the Executive Committee and validated by the Audit and Finance Committee. It is drawn up on a multi-year basis to ensure adequate coverage of the subsidiaries, key processes and new projects. In addition, missions not provided for in the audit plan may be carried out at the request of the Chairman and Chief Executive O ffi cer or the Audit and Finance Committee. An annual activity report is presented to the Executive Committee and the Audit and Finance Committee. Internal Audit is tasked with ensuring that internal rules and procedures are respected, checking their e ffi ciency, identifying weaknesses and detecting fraud. Internal audit work is carried out in accordance with the Compagnie des Alpes Group’s Internal Audit Charter. This charter describes the purposes and objectives of Internal Audit, the procedures for carrying out inspections, and the obligations of auditors and those being audited. The formalisation of the internal control procedures continued in 2018/2019, in particular concerning the regulatory changes a ff ecting

The Audit and Finance Committee examines half-year and annual financial statements prepared by the Company as well as the management report on the consolidated fi nancial statements, in the presence of the Statutory Auditors, who in turn present their own report on the closing of the accounts, the principal accounting options and events with a signi fi cant e ff ect on the fi nancial situation, adding comments if they choose. The Audit and Finance Committee examines changes in accounting principles. The Audit and Finance Committee examines all fi nancial statements including the entire annual report and all Notes to the Company’s consolidated and parent-company fi nancial statements. The Board of Directors examines each set of fi nancial statements at each closing of accounts. Financial communication Compagnie des Alpes publishes its fi nancial information in accordance with AMF recommendations. Quarterly, half-yearly and annual fi nancial information is communicated to fi nancial analysts, investors and the key media by means of press releases, as well as being made available on the Company’s website.

2.8.3 CHANGES TO INTERNAL CONTROL PROCEDURES IN 2018/2019 Changes to internal control procedures

our activities. Work is being finalised to make internal control documentation and guidelines available to Group employees on our intranet site and to facilitate their dissemination.

Internal Audit regularly calls on internal or external expertise when the issue at hand is of a highly technical nature. The Audit Department conducts an annual review of the recommendations made to the various entities. These conclusions are then presented to the Executive Committee, and to the Audit and Finance Committee. The Internal Audit Department also coordinates the internal audit work conducted by Caisse des Dépôts’ Internal Audit Department across the CDA scope, and ensures that the ensuing recommendations are followed. The audit plans are shared for greater e ffi ciency. The Board of Directors The Board of Directors sets the Company’s business policies and oversees management. It is assisted by three specialised Committees, whose roles are described in section 3.2.1.2 “Functioning of the Committees” of Chapter 3 “Report on corporate governance”.

41

Compagnie des Alpes I 2019 Universal registration document